Why Zero Trust
Today’s organizations need a new security model that more effectively adapts to the complexity of the modern environment, embraces the hybrid workplace, and protects people, devices, apps, and data wherever they’re located.
Be more efficient
Save up to 60 percent by using comprehensive Microsoft Security rather than multiple point solutions.1
What’s next in your Zero Trust journey?

Zero Trust defined
Instead of assuming everything behind the corporate firewall is safe, the Zero Trust model assumes breach and verifies each request as though it originates from an open network. Regardless of where the request originates or what resource it accesses, Zero Trust teaches us to “never trust, always verify.” Every access request is fully authenticated, authorized, and encrypted before granting access. Microsegmentation and least-privilege access principles are applied to minimize lateral movement. Rich intelligence and analytics are utilized to detect and respond to anomalies in real time.
Zero Trust defense areas

Identities
Verify and secure each identity with strong authentication across your entire digital estate.

Endpoints
Gain visibility into devices accessing the network. Ensure compliance and health status before granting access.

Apps
Discover shadow IT, ensure appropriate in-app permissions, gate access based on real-time analytics, and monitor and control user actions.

Data
Move from perimeter-based data protection to data-driven protection. Use intelligence to classify and label data. Encrypt and restrict access based on organizational policies.

Infrastructure
Use telemetry to detect attacks and anomalies, automatically block and flag risky behavior, and employ least-privilege access principles.

Network
Ensure that devices and users aren’t trusted just because they’re on an internal network. Encrypt all internal communications, limit access by policy, and employ microsegmentation and real-time threat detection.
Demos and expert insights
- Zero Trust Essentials
- Identity Controls
- Endpoints and Applications
- Network and Infrastructure
- Data
Inform your strategy and adoption

Implementing Zero Trust at Microsoft
Microsoft has adopted a Zero Trust strategy to secure corporate and customer data. The implementation centers on strong user identity, device health verification, validation of app health, and least-privilege access to resources and services.

Deploy, integrate, and develop
Take the next steps in your organization’s end-to-end implementation. Go to the Zero Trust Guidance Center docs for deployment, integration, and app development documentation and best practices.

Compare your progress
Get the latest research on how and why organizations are adopting Zero Trust to help inform your strategy, uncover collective progress and prioritizations, and gain insights on this rapidly evolving space.
A holistic approach to Zero Trust should extend to your entire digital estate—inclusive of identities, endpoints, network, data, apps, and infrastructure. Zero Trust architecture serves as a comprehensive end-to-end strategy and requires integration across the elements.
The foundation of Zero Trust security is identities. Both human and non-human identities need strong authorization, connecting from either personal or corporate endpoints with compliant devices, requesting access based on strong policies grounded in Zero Trust principles of explicit verification, least-privilege access, and assumed breach.
As the unified point of policy enforcement, the Zero Trust policy intercepts the request, explicitly verifies signals from all six foundational elements based on policy configuration, and enforces least-privilege access. Signals include the role of the user, location, device compliance, data sensitivity, and application sensitivity. In addition to telemetry and state information, the risk assessment from threat protection feeds into the policy engine to automatically respond to threats in real time. Policy is enforced at the time of access and continuously evaluated throughout the session.
This policy is further enhanced by policy optimization. Governance and compliance are critical to a strong Zero Trust implementation. Security posture assessment and productivity optimization are necessary to measure the telemetry throughout the services and systems.
The telemetry and analytics feed into the threat protection system. Large amounts of telemetry and analytics enriched by threat intelligence generate high-quality risk assessments that can either be manually investigated or automated. Attacks happen at cloud speed, and because humans can’t react quickly enough or sift through all the risks, your defense systems must also act at cloud speed. The risk assessment feeds into the policy engine for real-time automated threat protection and additional manual investigation if needed.
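The following is an added illustration, not Microsoft's code or product logic: a small policy decision function over the signals named above (role, location, device compliance, data and application sensitivity, risk assessment), re-evaluated during the session as signals change. The role map, trusted locations, thresholds and decision names are assumptions made for the example.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Signals:
    role: str               # role of the user
    location: str           # country code of the request (assumed encoding)
    device_compliant: bool  # endpoint compliance and health
    data_sensitivity: int   # 0 = public ... 3 = highly confidential (assumed scale)
    app_sensitivity: int    # 0 = low ... 3 = business critical (assumed scale)
    risk: float             # 0.0-1.0 risk assessment from threat protection

# Constructed policy configuration (hypothetical values).
ROLE_MAX_SENSITIVITY = {"contractor": 1, "employee": 2, "finance-admin": 3}
TRUSTED_LOCATIONS = {"US", "DE"}

def evaluate(s: Signals) -> str:
    """Return 'deny', 'step_up' (require stronger authentication) or 'allow'."""
    needed = max(s.data_sensitivity, s.app_sensitivity)
    # Least privilege: a role reaches only what it is entitled to;
    # unknown roles map to -1 and are denied by default.
    if needed > ROLE_MAX_SENSITIVITY.get(s.role, -1):
        return "deny"
    # Assume breach: a high risk assessment blocks regardless of other signals.
    if s.risk >= 0.7:
        return "deny"
    # Non-compliant devices reach public resources only.
    if not s.device_compliant and needed > 0:
        return "deny"
    # Verify explicitly: elevated risk, or an unfamiliar location
    # combined with a sensitive resource, requires step-up.
    if s.risk >= 0.3 or (s.location not in TRUSTED_LOCATIONS and needed >= 2):
        return "step_up"
    return "allow"

def run_session(initial: Signals, updates: list[dict]) -> list[str]:
    """Re-evaluate on every signal change; the session ends at the first deny."""
    state, decisions = initial, [evaluate(initial)]
    for change in updates:
        if decisions[-1] == "deny":
            break
        state = replace(state, **change)
        decisions.append(evaluate(state))
    return decisions
```

Because `run_session` stops at the first `deny`, a later drop in risk does not silently restore access; the user has to start a new, freshly evaluated session.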
Traffic filtering and segmentation are applied to the evaluation and enforcement from the Zero Trust policy before access is granted to any public or private network.
Data classification, labeling, and encryption should be applied to emails, documents, and structured data. Access to apps should be adaptive, whether SaaS or on-premises. Runtime control is applied to infrastructure with serverless, containers, IaaS, PaaS, and internal sites with just-in-time (JIT) and version controls actively engaged.
Finally, telemetry, analytics, and assessment from the network, data, apps, and infrastructure are fed back into the policy optimization and threat protection systems.